net/cert/x509_certificate_win.cc - Issue 683113005: Update from chromium https://crrev.com/302282

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/x509_certificate_win.cc

Issue 683113005: Update from chromium https://crrev.com/302282 (Closed) Base URL: git@github.com:domokit/mojo.git@master

Patch Set: Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/x509_certificate_win.cc

diff --git a/net/cert/x509_certificate_win.cc b/net/cert/x509_certificate_win.cc

index df263d8fa90838d9af5fb7db8e72b0eed0ee8f30..0bed756a90570bfff853ab184a57befa291c2a95 100644

--- a/net/cert/x509_certificate_win.cc

+++ b/net/cert/x509_certificate_win.cc

@@ -4,8 +4,6 @@

#include "net/cert/x509_certificate.h"

-#include <blapi.h> // Implement CalculateChainFingerprint() with NSS.

#include "base/logging.h"

#include "base/memory/scoped_ptr.h"

#include "base/pickle.h"

@@ -17,6 +15,13 @@

#include "crypto/sha2.h"

#include "net/base/net_errors.h"

+// Implement CalculateChainFingerprint() with our native crypto library.

+#if defined(USE_OPENSSL)

+#include <openssl/sha.h>

+#else

+#include <blapi.h>

+#endif

#pragma comment(lib, "crypt32.lib")

using base::Time;

@@ -334,15 +339,22 @@ SHA256HashValue X509Certificate::CalculateFingerprint256(OSCertHandle cert) {

return sha256;

}

-// TODO(wtc): This function is implemented with NSS low-level hash

-// functions to ensure it is fast. Reimplement this function with

-// CryptoAPI. May need to cache the HCRYPTPROV to reduce the overhead.

-// static

SHA1HashValue X509Certificate::CalculateCAFingerprint(

const OSCertHandles& intermediates) {

SHA1HashValue sha1;

memset(sha1.data, 0, sizeof(sha1.data));

+#if defined(USE_OPENSSL)

+ SHA_CTX ctx;

+ if (!SHA1_Init(&ctx))

+ return sha1;

+ for (size_t i = 0; i < intermediates.size(); ++i) {

+ PCCERT_CONTEXT ca_cert = intermediates[i];

+ if (!SHA1_Update(&ctx, ca_cert->pbCertEncoded, ca_cert->cbCertEncoded))

+ return sha1;

+ }

+ SHA1_Final(sha1.data, &ctx);

+#else // !USE_OPENSSL

SHA1Context* sha1_ctx = SHA1_NewContext();

if (!sha1_ctx)

return sha1;

@@ -354,6 +366,7 @@ SHA1HashValue X509Certificate::CalculateCAFingerprint(

unsigned int result_len;

SHA1_End(sha1_ctx, sha1.data, &result_len, SHA1_LENGTH);

SHA1_DestroyContext(sha1_ctx, PR_TRUE);

+#endif // USE_OPENSSL

return sha1;

}

@@ -472,4 +485,17 @@ bool X509Certificate::IsIssuedByEncoded(

return false;

}

+// static

+bool X509Certificate::IsSelfSigned(OSCertHandle cert_handle) {

+ return !!CryptVerifyCertificateSignatureEx(

+ NULL,

+ X509_ASN_ENCODING,

+ CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT,

+ reinterpret_cast<void*>(const_cast<PCERT_CONTEXT>(cert_handle)),

+ CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT,

+ reinterpret_cast<void*>(const_cast<PCERT_CONTEXT>(cert_handle)),

+ 0,

+ NULL);

} // namespace net

« no previous file with comments | « net/cert/x509_certificate_unittest.cc ('k') | net/cookies/cookie_monster.h » ('j') | no next file with comments »